X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=ssl%2Fd1_srvr.c;h=4847a866b5d9340e777096f855631a07d45806ad;hb=5abe32d8611b26630305731f7dd4ea564264719e;hp=81c1790ab33d5f302272c1d0322047148a66f51a;hpb=36d16f8ee0845d932e250286e8e236580470e35b;p=oweals%2Fopenssl.git

diff --git a/ssl/d1_srvr.c b/ssl/d1_srvr.c
index 81c1790ab3..4847a866b5 100644
--- a/ssl/d1_srvr.c
+++ b/ssl/d1_srvr.c
@@ -121,11 +121,15 @@
 #include <openssl/evp.h>
 #include <openssl/x509.h>
 #include <openssl/md5.h>
+#include <openssl/bn.h>
+#ifndef OPENSSL_NO_DH
+#include <openssl/dh.h>
+#endif
 
-static SSL_METHOD *dtls1_get_server_method(int ver);
+static const SSL_METHOD *dtls1_get_server_method(int ver);
 static int dtls1_send_hello_verify_request(SSL *s);
 
-static SSL_METHOD *dtls1_get_server_method(int ver)
+static const SSL_METHOD *dtls1_get_server_method(int ver)
 	{
 	if (ver == DTLS1_VERSION)
 		return(DTLSv1_server_method());
@@ -133,28 +137,10 @@ static SSL_METHOD *dtls1_get_server_method(int ver)
 		return(NULL);
 	}
 
-SSL_METHOD *DTLSv1_server_method(void)
-	{
-	static int init=1;
-	static SSL_METHOD DTLSv1_server_data;
-
-	if (init)
-		{
-		CRYPTO_w_lock(CRYPTO_LOCK_SSL_METHOD);
-
-		if (init)
-			{
-			memcpy((char *)&DTLSv1_server_data,(char *)dtlsv1_base_method(),
-				sizeof(SSL_METHOD));
-			DTLSv1_server_data.ssl_accept=dtls1_accept;
-			DTLSv1_server_data.get_ssl_method=dtls1_get_server_method;
-			init=0;
-			}
-			
-		CRYPTO_w_unlock(CRYPTO_LOCK_SSL_METHOD);
-		}
-	return(&DTLSv1_server_data);
-	}
+IMPLEMENT_dtls1_meth_func(DTLSv1_server_method,
+			dtls1_accept,
+			ssl_undefined_function,
+			dtls1_get_server_method)
 
 int dtls1_accept(SSL *s)
 	{
@@ -180,7 +166,7 @@ int dtls1_accept(SSL *s)
 
 	if (s->cert == NULL)
 		{
-		SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
+		SSLerr(SSL_F_DTLS1_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
 		return(-1);
 		}
 
@@ -204,7 +190,7 @@ int dtls1_accept(SSL *s)
 
 			if ((s->version & 0xff00) != (DTLS1_VERSION & 0xff00))
 				{
-				SSLerr(SSL_F_SSL3_ACCEPT, ERR_R_INTERNAL_ERROR);
+				SSLerr(SSL_F_DTLS1_ACCEPT, ERR_R_INTERNAL_ERROR);
 				return -1;
 				}
 			s->type=SSL_ST_ACCEPT;
@@ -569,7 +555,7 @@ int dtls1_accept(SSL *s)
 			/* break; */
 
 		default:
-			SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_UNKNOWN_STATE);
+			SSLerr(SSL_F_DTLS1_ACCEPT,SSL_R_UNKNOWN_STATE);
 			ret= -1;
 			goto end;
 			/* break; */
@@ -673,7 +659,8 @@ int dtls1_send_server_hello(SSL *s)
 	{
 	unsigned char *buf;
 	unsigned char *p,*d;
-	int i,sl;
+	int i;
+	unsigned int sl;
 	unsigned long l,Time;
 
 	if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
@@ -707,7 +694,7 @@ int dtls1_send_server_hello(SSL *s)
 		sl=s->session->session_id_length;
 		if (sl > sizeof s->session->session_id)
 			{
-			SSLerr(SSL_F_SSL3_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
+			SSLerr(SSL_F_DTLS1_SEND_SERVER_HELLO, ERR_R_INTERNAL_ERROR);
 			return -1;
 			}
 		*(p++)=sl;
@@ -812,7 +799,7 @@ int dtls1_send_server_key_exchange(SSL *s)
 				if(rsa == NULL)
 				{
 					al=SSL_AD_HANDSHAKE_FAILURE;
-					SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
+					SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_ERROR_GENERATING_TMP_RSA_KEY);
 					goto f_err;
 				}
 				RSA_up_ref(rsa);
@@ -821,7 +808,7 @@ int dtls1_send_server_key_exchange(SSL *s)
 			if (rsa == NULL)
 				{
 				al=SSL_AD_HANDSHAKE_FAILURE;
-				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY);
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY);
 				goto f_err;
 				}
 			r[0]=rsa->n;
@@ -841,20 +828,20 @@ int dtls1_send_server_key_exchange(SSL *s)
 			if (dhp == NULL)
 				{
 				al=SSL_AD_HANDSHAKE_FAILURE;
-				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
 				goto f_err;
 				}
 
 			if (s->s3->tmp.dh != NULL)
 				{
 				DH_free(dh);
-				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE, ERR_R_INTERNAL_ERROR);
 				goto err;
 				}
 
 			if ((dh=DHparams_dup(dhp)) == NULL)
 				{
-				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
 				goto err;
 				}
 
@@ -865,7 +852,7 @@ int dtls1_send_server_key_exchange(SSL *s)
 				{
 				if(!DH_generate_key(dh))
 				    {
-				    SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,
+				    SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,
 					   ERR_R_DH_LIB);
 				    goto err;
 				    }
@@ -877,7 +864,7 @@ int dtls1_send_server_key_exchange(SSL *s)
 				if ((dh->pub_key == NULL) ||
 					(dh->priv_key == NULL))
 					{
-					SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
+					SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
 					goto err;
 					}
 				}
@@ -889,7 +876,7 @@ int dtls1_send_server_key_exchange(SSL *s)
 #endif
 			{
 			al=SSL_AD_HANDSHAKE_FAILURE;
-			SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
+			SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
 			goto f_err;
 			}
 		for (i=0; r[i] != NULL; i++)
@@ -916,7 +903,7 @@ int dtls1_send_server_key_exchange(SSL *s)
 
 		if (!BUF_MEM_grow_clean(buf,n+DTLS1_HM_HEADER_LENGTH+kn))
 			{
-			SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF);
+			SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF);
 			goto err;
 			}
 		d=(unsigned char *)s->init_buf->data;
@@ -955,7 +942,7 @@ int dtls1_send_server_key_exchange(SSL *s)
 				if (RSA_sign(NID_md5_sha1, md_buf, j,
 					&(p[2]), &u, pkey->pkey.rsa) <= 0)
 					{
-					SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_RSA);
+					SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_RSA);
 					goto err;
 					}
 				s2n(u,p);
@@ -974,7 +961,7 @@ int dtls1_send_server_key_exchange(SSL *s)
 				if (!EVP_SignFinal(&md_ctx,&(p[2]),
 					(unsigned int *)&i,pkey))
 					{
-					SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA);
+					SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA);
 					goto err;
 					}
 				s2n(i,p);
@@ -985,7 +972,7 @@ int dtls1_send_server_key_exchange(SSL *s)
 				{
 				/* Is this error check actually needed? */
 				al=SSL_AD_HANDSHAKE_FAILURE;
-				SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_PKEY_TYPE);
+				SSLerr(SSL_F_DTLS1_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_PKEY_TYPE);
 				goto f_err;
 				}
 			}
@@ -1047,7 +1034,7 @@ int dtls1_send_certificate_request(SSL *s)
 				j=i2d_X509_NAME(name,NULL);
 				if (!BUF_MEM_grow_clean(buf,DTLS1_HM_HEADER_LENGTH+n+j+2))
 					{
-					SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB);
+					SSLerr(SSL_F_DTLS1_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB);
 					goto err;
 					}
 				p=(unsigned char *)&(buf->data[DTLS1_HM_HEADER_LENGTH+n]);
@@ -1075,7 +1062,7 @@ int dtls1_send_certificate_request(SSL *s)
 		d=(unsigned char *)buf->data;
 		*(d++)=SSL3_MT_CERTIFICATE_REQUEST;
 		l2n3(n,d);
-		l2n(s->d1->handshake_write_seq,d);
+		s2n(s->d1->handshake_write_seq,d);
 		s->d1->handshake_write_seq++;
 
 		/* we should now have things packed up, so lets send
@@ -1122,7 +1109,7 @@ int dtls1_send_server_certificate(SSL *s)
                                 & (SSL_MKEY_MASK|SSL_AUTH_MASK))
                         != (SSL_aKRB5|SSL_kKRB5))
 			{
-			SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
+			SSLerr(SSL_F_DTLS1_SEND_SERVER_CERTIFICATE,ERR_R_INTERNAL_ERROR);
 			return(0);
 			}